Warning: Permanently added '[localhost]:55129' (ED25519) to the list of known hosts.
2025/05/17 16:09:02 ignoring optional flag "sandboxArg"="0"
2025/05/17 16:09:02 ignoring optional flag "type"="qemu"
2025/05/17 16:09:03 parsed 1 programs
[ 125.006771][ T5608] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 129.603953][ T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 129.608313][ T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 129.612005][ T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 129.619378][ T49] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 129.623273][ T49] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 130.699546][ T5663] chnl_net:caif_netlink_parms(): no params data found
[ 130.764554][ T5663] bridge0: port 1(bridge_slave_0) entered blocking state
[ 130.768494][ T5663] bridge0: port 1(bridge_slave_0) entered disabled state
[ 130.771676][ T5663] bridge_slave_0: entered allmulticast mode
[ 130.775745][ T5663] bridge_slave_0: entered promiscuous mode
[ 130.781730][ T5663] bridge0: port 2(bridge_slave_1) entered blocking state
[ 130.785172][ T5663] bridge0: port 2(bridge_slave_1) entered disabled state
[ 130.789416][ T5663] bridge_slave_1: entered allmulticast mode
[ 130.793388][ T5663] bridge_slave_1: entered promiscuous mode
[ 130.818611][ T5663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 130.824950][ T5663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 130.850777][ T5663] team0: Port device team_slave_0 added
[ 130.856211][ T5663] team0: Port device team_slave_1 added
[ 130.880139][ T5663] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 130.883289][ T5663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 130.895696][ T5663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 130.902137][ T5663] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 130.905210][ T5663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 130.917424][ T5663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 130.955108][ T5663] hsr_slave_0: entered promiscuous mode
[ 130.959302][ T5663] hsr_slave_1: entered promiscuous mode
[ 131.599921][ T5663] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 131.621712][ T5663] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 131.637838][ T5663] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 131.643515][ T5663] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 131.809023][ T5663] 8021q: adding VLAN 0 to HW filter on device bond0
[ 131.833307][ T5663] 8021q: adding VLAN 0 to HW filter on device team0
[ 131.853262][ T1034] bridge0: port 1(bridge_slave_0) entered blocking state
[ 131.856461][ T1034] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 131.873310][ T1034] bridge0: port 2(bridge_slave_1) entered blocking state
[ 131.876461][ T1034] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 132.244558][ T5663] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 132.322161][ T5663] veth0_vlan: entered promiscuous mode
[ 132.341228][ T5663] veth1_vlan: entered promiscuous mode
[ 132.389750][ T5663] veth0_macvtap: entered promiscuous mode
[ 132.410618][ T5663] veth1_macvtap: entered promiscuous mode
[ 132.440325][ T5663] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 132.459055][ T5663] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 132.469314][ T5663] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 132.486089][ T5663] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 132.490823][ T5663] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 132.494658][ T5663] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 132.710141][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 132.819809][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 132.879963][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 132.974452][ T1034] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 132.990321][ T1034] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 133.051113][ T1034] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 133.059196][ T1034] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 133.786911][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/05/17 16:09:17 executed programs: 0
[ 134.825503][ T4659] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 134.831778][ T4659] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 134.835416][ T4659] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 134.841496][ T4659] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 134.845550][ T4659] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 135.328261][ T12] bridge_slave_1: left allmulticast mode
[ 135.330670][ T12] bridge_slave_1: left promiscuous mode
[ 135.333169][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 135.346734][ T12] bridge_slave_0: left allmulticast mode
[ 135.358282][ T12] bridge_slave_0: left promiscuous mode
[ 135.360953][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 135.799288][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 135.823988][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 135.840494][ T12] bond0 (unregistering): Released all slaves
[ 135.861345][ T5752] chnl_net:caif_netlink_parms(): no params data found
[ 135.939594][ T12] hsr_slave_0: left promiscuous mode
[ 135.948745][ T12] hsr_slave_1: left promiscuous mode
[ 135.958022][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 135.961424][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 135.969945][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 135.977848][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 135.994607][ T12] veth1_macvtap: left promiscuous mode
[ 136.005409][ T12] veth0_macvtap: left promiscuous mode
[ 136.010744][ T12] veth1_vlan: left promiscuous mode
[ 136.013152][ T12] veth0_vlan: left promiscuous mode
[ 136.374202][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 136.395298][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 136.729893][ T5752] bridge0: port 1(bridge_slave_0) entered blocking state
[ 136.733199][ T5752] bridge0: port 1(bridge_slave_0) entered disabled state
[ 136.736320][ T5752] bridge_slave_0: entered allmulticast mode
[ 136.759861][ T5752] bridge_slave_0: entered promiscuous mode
[ 136.782606][ T5752] bridge0: port 2(bridge_slave_1) entered blocking state
[ 136.791246][ T5752] bridge0: port 2(bridge_slave_1) entered disabled state
[ 136.798593][ T5752] bridge_slave_1: entered allmulticast mode
[ 136.808404][ T5752] bridge_slave_1: entered promiscuous mode
[ 136.861572][ T5752] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 136.877506][ T4659] Bluetooth: hci0: command tx timeout
[ 136.892382][ T5752] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 136.964683][ T5752] team0: Port device team_slave_0 added
[ 136.980207][ T5752] team0: Port device team_slave_1 added
[ 137.034263][ T5752] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 137.040393][ T5752] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 137.067831][ T5752] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 137.395083][ T5752] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 137.403920][ T5752] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 137.444191][ T5752] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 137.620157][ T5752] hsr_slave_0: entered promiscuous mode
[ 137.634184][ T5752] hsr_slave_1: entered promiscuous mode
[ 137.920305][ T1312] ieee802154 phy0 wpan0: encryption failed: -22
[ 137.923773][ T1312] ieee802154 phy1 wpan1: encryption failed: -22
[ 138.255647][ T5752] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 138.280550][ T5752] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 138.288734][ T5752] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 138.308277][ T5752] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 138.441365][ T5752] 8021q: adding VLAN 0 to HW filter on device bond0
[ 138.466619][ T5752] 8021q: adding VLAN 0 to HW filter on device team0
[ 138.502727][ T1034] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.506037][ T1034] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 138.531624][ T1034] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.535330][ T1034] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 138.863293][ T5752] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 138.934579][ T5752] veth0_vlan: entered promiscuous mode
[ 138.955179][ T5752] veth1_vlan: entered promiscuous mode
[ 138.959020][ T4659] Bluetooth: hci0: command tx timeout
[ 139.009381][ T5752] veth0_macvtap: entered promiscuous mode
[ 139.019985][ T5752] veth1_macvtap: entered promiscuous mode
[ 139.054638][ T5752] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 139.085041][ T5752] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 139.092740][ T5752] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.096405][ T5752] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.121443][ T5752] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.125371][ T5752] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.254448][ T1034] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.268892][ T1034] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.319286][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 139.322697][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 139.778992][ T5820] loop0: detected capacity change from 0 to 32768
[ 139.788983][ T5820] =======================================================
[ 139.788983][ T5820] WARNING: The mand mount option has been deprecated and
[ 139.788983][ T5820] and is ignored by this kernel. Remove the mand
[ 139.788983][ T5820] option from the mount to silence this warning.
[ 139.788983][ T5820] =======================================================
[ 139.890793][ T5820] JBD2: Ignoring recovery information on journal
[ 139.982942][ T5820] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 140.019068][ T25] audit: type=1804 audit(1747498162.933:2): pid=5820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.15" name="/newroot/0/file1/bus" dev="loop0" ino=17058 res=1 errno=0
[ 140.040373][ T5820] ==================================================================
[ 140.043913][ T5820] BUG: KASAN: slab-out-of-bounds in ocfs2_claim_suballoc_bits+0x877/0x2450
[ 140.047775][ T5820] Read of size 4 at addr ffff88803f3570b0 by task syz.0.15/5820
[ 140.052057][ T5820]
[ 140.053136][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz.0.15 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(full)
[ 140.053150][ T5820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 140.053157][ T5820] Call Trace:
[ 140.053164][ T5820]
[ 140.053170][ T5820] dump_stack_lvl+0x189/0x250
[ 140.053188][ T5820] ? __virt_addr_valid+0x18c/0x540
[ 140.053201][ T5820] ? rcu_is_watching+0x15/0xb0
[ 140.053209][ T5820] ? __kasan_check_byte+0x12/0x40
[ 140.053219][ T5820] ? __pfx_dump_stack_lvl+0x10/0x10
[ 140.053233][ T5820] ? rcu_is_watching+0x15/0xb0
[ 140.053241][ T5820] ? lock_release+0x4b/0x3e0
[ 140.053258][ T5820] ? __virt_addr_valid+0x18c/0x540
[ 140.053271][ T5820] ? __virt_addr_valid+0x469/0x540
[ 140.053285][ T5820] print_report+0xb4/0x290
[ 140.053298][ T5820] ? ocfs2_claim_suballoc_bits+0x877/0x2450
[ 140.053310][ T5820] kasan_report+0x118/0x150
[ 140.053319][ T5820] ? ocfs2_claim_suballoc_bits+0x877/0x2450
[ 140.053330][ T5820] ocfs2_claim_suballoc_bits+0x877/0x2450
[ 140.053343][ T5820] ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[ 140.053354][ T5820] ? __ocfs2_journal_access+0x621/0x820
[ 140.053370][ T5820] ? __mutex_unlock_slowpath+0x1cd/0x700
[ 140.053427][ T5820] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 140.053440][ T5820] ? jbd2_write_access_granted+0x69/0x310
[ 140.053452][ T5820] ? jbd2_write_access_granted+0x69/0x310
[ 140.053472][ T5820] ocfs2_claim_metadata+0x178/0x4c0
[ 140.053488][ T5820] ? __pfx_ocfs2_claim_metadata+0x10/0x10
[ 140.053504][ T5820] ? __pfx_ocfs2_start_trans+0x10/0x10
[ 140.053519][ T5820] ? ocfs2_metadata_cache_get_super+0x43/0x80
[ 140.053533][ T5820] ? ocfs2_inode_cache_get_super+0xd/0x40
[ 140.053547][ T5820] ocfs2_create_refcount_tree+0x54f/0x1250
[ 140.053567][ T5820] ? __pfx_ocfs2_create_refcount_tree+0x10/0x10
[ 140.053585][ T5820] ? find_get_entries+0x688/0x7f0
[ 140.053595][ T5820] ? find_get_entries+0xfe/0x7f0
[ 140.053606][ T5820] ? __pfx_find_get_entries+0x10/0x10
[ 140.053617][ T5820] ? __filemap_get_folio+0x9a6/0xaf0
[ 140.053627][ T5820] ? seqcount_lockdep_reader_access+0x123/0x1c0
[ 140.053640][ T5820] ocfs2_reflink_remap_blocks+0x2ea/0x1930
[ 140.053659][ T5820] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 140.053673][ T5820] ? __pfx_ocfs2_reflink_remap_blocks+0x10/0x10
[ 140.053694][ T5820] ? __lock_acquire+0xaac/0xd20
[ 140.053712][ T5820] ? down_write+0x162/0x1f0
[ 140.053722][ T5820] ? __pfx_down_write+0x10/0x10
[ 140.053732][ T5820] ? generic_remap_file_range_prep+0x3e/0x60
[ 140.053741][ T5820] ocfs2_remap_file_range+0x4b7/0x730
[ 140.053755][ T5820] ? __pfx_ocfs2_remap_file_range+0x10/0x10
[ 140.053769][ T5820] ? rcu_read_lock_any_held+0xb3/0x120
[ 140.053779][ T5820] ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 140.053791][ T5820] ? __pfx_ocfs2_remap_file_range+0x10/0x10
[ 140.053803][ T5820] vfs_copy_file_range+0xd53/0x1310
[ 140.053821][ T5820] ? __pfx_vfs_copy_file_range+0x10/0x10
[ 140.053838][ T5820] __se_sys_copy_file_range+0x319/0x460
[ 140.053855][ T5820] ? __pfx___se_sys_copy_file_range+0x10/0x10
[ 140.053871][ T5820] ? __x64_sys_copy_file_range+0x21/0xf0
[ 140.053885][ T5820] do_syscall_64+0xf6/0x210
[ 140.053900][ T5820] ? clear_bhb_loop+0x60/0xb0
[ 140.053912][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 140.053922][ T5820] RIP: 0033:0x7f16ed579e79
[ 140.053934][ T5820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 140.053943][ T5820] RSP: 002b:00007f16ee440038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[ 140.053960][ T5820] RAX: ffffffffffffffda RBX: 00007f16ed715f80 RCX: 00007f16ed579e79
[ 140.053968][ T5820] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[ 140.053975][ T5820] RBP: 00007f16ed5e7916 R08: 0000000000000006 R09: 0000000000000000
[ 140.053982][ T5820] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[ 140.053988][ T5820] R13: 0000000000000000 R14: 00007f16ed715f80 R15: 00007ffe303fe778
[ 140.053999][ T5820]
[ 140.054002][ T5820]
[ 140.221537][ T5820] Allocated by task 1:
[ 140.223338][ T5820] kasan_save_track+0x3e/0x80
[ 140.225517][ T5820] __kasan_slab_alloc+0x6c/0x80
[ 140.227652][ T5820] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 140.230029][ T5820] __kernfs_new_node+0xd7/0x7f0
[ 140.232150][ T5820] kernfs_new_node+0x102/0x210
[ 140.234238][ T5820] __kernfs_create_file+0x4b/0x2e0
[ 140.236460][ T5820] sysfs_add_file_mode_ns+0x238/0x300
[ 140.238721][ T5820] internal_create_group+0x66d/0x1110
[ 140.241011][ T5820] sysfs_slab_add+0x14a/0x290
[ 140.243092][ T5820] slab_sysfs_init+0x63/0x170
[ 140.245232][ T5820] do_one_initcall+0x233/0x820
[ 140.247360][ T5820] do_initcall_level+0x137/0x1f0
[ 140.249601][ T5820] do_initcalls+0x69/0xd0
[ 140.251509][ T5820] kernel_init_freeable+0x3d9/0x570
[ 140.253794][ T5820] kernel_init+0x1d/0x1d0
[ 140.255711][ T5820] ret_from_fork+0x4b/0x80
[ 140.257715][ T5820] ret_from_fork_asm+0x1a/0x30
[ 140.259861][ T5820]
[ 140.260920][ T5820] The buggy address belongs to the object at ffff88803f357000
[ 140.260920][ T5820] which belongs to the cache kernfs_node_cache of size 176
[ 140.267155][ T5820] The buggy address is located 0 bytes to the right of
[ 140.267155][ T5820] allocated 176-byte region [ffff88803f357000, ffff88803f3570b0)
[ 140.273245][ T5820]
[ 140.274352][ T5820] The buggy address belongs to the physical page:
[ 140.277174][ T5820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3f357
[ 140.280949][ T5820] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[ 140.284145][ T5820] page_type: f5(slab)
[ 140.285877][ T5820] raw: 04fff00000000000 ffff88803046cdc0 dead000000000122 0000000000000000
[ 140.289529][ T5820] raw: 0000000000000000 0000000000110011 00000000f5000000 0000000000000000
[ 140.293308][ T5820] page dumped because: kasan: bad access detected
[ 140.296145][ T5820] page_owner tracks the page as allocated
[ 140.298576][ T5820] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 26551082334, free_ts 25985930526
[ 140.306237][ T5820] post_alloc_hook+0x1d8/0x230
[ 140.308429][ T5820] get_page_from_freelist+0x21ce/0x22b0
[ 140.310891][ T5820] __alloc_frozen_pages_noprof+0x181/0x370
[ 140.313403][ T5820] alloc_pages_mpol+0x232/0x4a0
[ 140.315581][ T5820] allocate_slab+0x8a/0x3b0
[ 140.317584][ T5820] ___slab_alloc+0xbfc/0x1480
[ 140.319742][ T5820] kmem_cache_alloc_noprof+0x283/0x3c0
[ 140.322104][ T5820] __kernfs_new_node+0xd7/0x7f0
[ 140.324257][ T5820] kernfs_new_node+0x102/0x210
[ 140.326300][ T5820] __kernfs_create_file+0x4b/0x2e0
[ 140.328485][ T5820] sysfs_add_file_mode_ns+0x238/0x300
[ 140.330778][ T5820] internal_create_group+0x66d/0x1110
[ 140.333128][ T5820] sysfs_slab_add+0x14a/0x290
[ 140.335391][ T5820] slab_sysfs_init+0x63/0x170
[ 140.337419][ T5820] do_one_initcall+0x233/0x820
[ 140.339562][ T5820] do_initcall_level+0x137/0x1f0
[ 140.341655][ T5820] page last free pid 10 tgid 10 stack trace:
[ 140.344273][ T5820] __free_frozen_pages+0xb0e/0xcd0
[ 140.346500][ T5820] vfree+0x1a6/0x330
[ 140.348199][ T5820] delayed_vfree_work+0x55/0x80
[ 140.350356][ T5820] process_scheduled_works+0xade/0x17a0
[ 140.352689][ T5820] worker_thread+0x8a0/0xda0
[ 140.354754][ T5820] kthread+0x711/0x8a0
[ 140.356534][ T5820] ret_from_fork+0x4b/0x80
[ 140.358447][ T5820] ret_from_fork_asm+0x1a/0x30
[ 140.360503][ T5820]
[ 140.361561][ T5820] Memory state around the buggy address:
[ 140.364001][ T5820] ffff88803f356f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 140.367486][ T5820] ffff88803f357000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 140.370953][ T5820] >ffff88803f357080: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc 00 00
[ 140.374358][ T5820] ^
[ 140.376847][ T5820] ffff88803f357100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 140.380208][ T5820] ffff88803f357180: 00 00 00 00 fc fc fc fc fc fc fc fc 00 00 00 00
[ 140.383649][ T5820] ==================================================================
[ 140.570416][ T5820] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 140.573639][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz.0.15 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(full)
[ 140.578696][ T5820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 140.583346][ T5820] Call Trace:
[ 140.584888][ T5820]
[ 140.586233][ T5820] dump_stack_lvl+0x99/0x250
[ 140.588301][ T5820] ? __asan_memcpy+0x40/0x70
[ 140.590361][ T5820] ? __pfx_dump_stack_lvl+0x10/0x10
[ 140.592636][ T5820] ? __pfx__printk+0x10/0x10
[ 140.594719][ T5820] panic+0x2db/0x790
[ 140.596509][ T5820] ? __pfx_panic+0x10/0x10
[ 140.598421][ T5820] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 140.600981][ T5820] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 140.603666][ T5820] ? print_memory_metadata+0x314/0x400
[ 140.606077][ T5820] ? ocfs2_claim_suballoc_bits+0x877/0x2450
[ 140.608705][ T5820] check_panic_on_warn+0x89/0xb0
[ 140.610881][ T5820] ? ocfs2_claim_suballoc_bits+0x877/0x2450
[ 140.613413][ T5820] end_report+0x78/0x160
[ 140.615449][ T5820] kasan_report+0x129/0x150
[ 140.617484][ T5820] ? ocfs2_claim_suballoc_bits+0x877/0x2450
[ 140.620098][ T5820] ocfs2_claim_suballoc_bits+0x877/0x2450
[ 140.622634][ T5820] ? __pfx_ocfs2_claim_suballoc_bits+0x10/0x10
[ 140.625384][ T5820] ? __ocfs2_journal_access+0x621/0x820
[ 140.627812][ T5820] ? __mutex_unlock_slowpath+0x1cd/0x700
[ 140.630210][ T5820] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 140.632801][ T5820] ? jbd2_write_access_granted+0x69/0x310
[ 140.635333][ T5820] ? jbd2_write_access_granted+0x69/0x310
[ 140.637857][ T5820] ocfs2_claim_metadata+0x178/0x4c0
[ 140.640076][ T5820] ? __pfx_ocfs2_claim_metadata+0x10/0x10
[ 140.642531][ T5820] ? __pfx_ocfs2_start_trans+0x10/0x10
[ 140.645062][ T5820] ? ocfs2_metadata_cache_get_super+0x43/0x80
[ 140.647871][ T5820] ? ocfs2_inode_cache_get_super+0xd/0x40
[ 140.650407][ T5820] ocfs2_create_refcount_tree+0x54f/0x1250
[ 140.653005][ T5820] ? __pfx_ocfs2_create_refcount_tree+0x10/0x10
[ 140.655740][ T5820] ? find_get_entries+0x688/0x7f0
[ 140.657956][ T5820] ? find_get_entries+0xfe/0x7f0
[ 140.660154][ T5820] ? __pfx_find_get_entries+0x10/0x10
[ 140.662427][ T5820] ? __filemap_get_folio+0x9a6/0xaf0
[ 140.664798][ T5820] ? seqcount_lockdep_reader_access+0x123/0x1c0
[ 140.667554][ T5820] ocfs2_reflink_remap_blocks+0x2ea/0x1930
[ 140.670079][ T5820] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 140.672691][ T5820] ? __pfx_ocfs2_reflink_remap_blocks+0x10/0x10
[ 140.675455][ T5820] ? __lock_acquire+0xaac/0xd20
[ 140.677610][ T5820] ? down_write+0x162/0x1f0
[ 140.679661][ T5820] ? __pfx_down_write+0x10/0x10
[ 140.681828][ T5820] ? generic_remap_file_range_prep+0x3e/0x60
[ 140.684380][ T5820] ocfs2_remap_file_range+0x4b7/0x730
[ 140.686748][ T5820] ? __pfx_ocfs2_remap_file_range+0x10/0x10
[ 140.689306][ T5820] ? rcu_read_lock_any_held+0xb3/0x120
[ 140.691709][ T5820] ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 140.694373][ T5820] ? __pfx_ocfs2_remap_file_range+0x10/0x10
[ 140.696954][ T5820] vfs_copy_file_range+0xd53/0x1310
[ 140.699167][ T5820] ? __pfx_vfs_copy_file_range+0x10/0x10
[ 140.701573][ T5820] __se_sys_copy_file_range+0x319/0x460
[ 140.704118][ T5820] ? __pfx___se_sys_copy_file_range+0x10/0x10
[ 140.706678][ T5820] ? __x64_sys_copy_file_range+0x21/0xf0
[ 140.709144][ T5820] do_syscall_64+0xf6/0x210
[ 140.711177][ T5820] ? clear_bhb_loop+0x60/0xb0
[ 140.713178][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 140.715714][ T5820] RIP: 0033:0x7f16ed579e79
[ 140.717665][ T5820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 140.726059][ T5820] RSP: 002b:00007f16ee440038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[ 140.729655][ T5820] RAX: ffffffffffffffda RBX: 00007f16ed715f80 RCX: 00007f16ed579e79
[ 140.733118][ T5820] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006
[ 140.736495][ T5820] RBP: 00007f16ed5e7916 R08: 0000000000000006 R09: 0000000000000000
[ 140.739895][ T5820] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[ 140.743212][ T5820] R13: 0000000000000000 R14: 00007f16ed715f80 R15: 00007ffe303fe778
[ 140.746619][ T5820]
[ 140.748276][ T5820] Kernel Offset: disabled
[ 140.750090][ T5820] Rebooting in 86400 seconds..